Android Forensics
Investigation, Analysis and Mobile Security for Google Android
- 1st Edition - June 15, 2011
- Imprint: Syngress
- Author: Andrew Hoog
- Language: English
- Paperback ISBN:9 7 8 - 1 - 5 9 7 4 9 - 6 5 1 - 3
- eBook ISBN:9 7 8 - 1 - 5 9 7 4 9 - 6 5 2 - 0
Android Forensics: Investigation, Analysis, and Mobile Security for Google Android provides the background, techniques and analysis tools you need to effectively investiga… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteAndroid Forensics: Investigation, Analysis, and Mobile Security for Google Android provides the background, techniques and analysis tools you need to effectively investigate an Android phone. This book offers a thorough review of the Android platform, including the core hardware and software components, file systems and data structures, data security considerations, and forensic acquisition techniques and strategies for the subsequent analysis require d. this book is ideal for the classroom as it teaches readers not only how to forensically acquire Android devices but also how to apply actual forensic techniques to recover data.
The book lays a heavy emphasis on open source tools and step-by-step examples and includes information about Android applications needed for forensic investigations. It is organized into seven chapters that cover the history of the Android platform and its internationalization; the Android Open Source Project (AOSP) and the Android Market; a brief tutorial on Linux and Android forensics; and how to create an Ubuntu-based virtual machine (VM). The book also considers a wide array of Android-supported hardware and device types, the various Android releases, the Android software development kit (SDK), the Davlik VM, key components of Android security, and other fundamental concepts related to Android forensics, such as the Android debug bridge and the USB debugging setting. In addition, it analyzes how data are stored on an Android device and describes strategies and specific utilities that a forensic analyst or security engineer can use to examine an acquired Android device.
Core Android developers and manufacturers, app developers, corporate security officers, and anyone with limited forensic experience will find this book extremely useful. It will also appeal to computer forensic and incident response professionals, including commercial/private sector contractors, consultants, and those in federal government.
- Named a 2011 Best Digital Forensics Book by InfoSec Reviews
- Ability to forensically acquire Android devices using the techniques outlined in the book
- Detailed information about Android applications needed for forensics investigations
- Important information about SQLite, a file based structured data storage relevant for both Android and many other platforms.
Computer forensic and incident response professionals. This includes LE, federal government, commercial/private sector contractors, consultants, etc.
Dedication
Acknowledgements
Introduction
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Website
About the Author
About the Technical Editor
Chapter 1. Android and mobile forensics
Introduction
Android platform
Linux, Open source software, and forensics
Android Open Source Project
Internationalization
Android Market
Android forensics
Summary
References
Chapter 2. Android hardware platforms
Introduction
Overview of core components
Overview of different device types
ROM and boot loaders
Manufacturers
Android updates
Specific devices
Summary
References
Chapter 3. Android software development kit and android debug bridge
Introduction
Android platforms
Software development kit (SDK)
Android security model
Forensics and the SDK
Summary
References
Chapter 4. Android file systems and data structures
Introduction
Data in the Shell
Type of memory
File systems
Mounted file systems
Summary
References
Chapter 5. Android device, data, and app security
Introduction
Data theft targets and attack vectors
Security considerations
Individual security strategies
Corporate security strategies
App development security strategies
Summary
References
Chapter 6. Android forensic techniques
Introduction
Procedures for handling an Android device
Imaging Android USB mass storage devices
Logical techniques
Physical techniques
Summary
References
Chapter 7. Android application and forensic analysis
Introduction
Analysis techniques
FAT forensic analysis
YAFFS2 forensic analysis
Android app analysis and reference
Summary
References
Index
- Edition: 1
- Published: June 15, 2011
- Imprint: Syngress
- No. of pages: 432
- Language: English
- Paperback ISBN: 9781597496513
- eBook ISBN: 9781597496520
AH
Andrew Hoog
Andrew Hoog is a computer scientist, certified forensic analyst (GCFA and CCE), computer and mobile forensics researcher, former adjunct professor (assembly language) and owner of viaForensics, an innovative computer and mobile forensic firm. He divides his energies between investigations, research and training about the computer and mobile forensic discipline. He writes computer/mobile forensic how-to guides, is interviewed on radio programs and lectures and trains both corporations and law enforcement agencies. As the foremost expert in Android Forensics, he leads expert level training courses, speaks frequently at conferences and is writing a book on Android forensics.
Affiliations and expertise
Former adjunct professor (assembly language) and owner of viaForensicsRead Android Forensics on ScienceDirect